Strong Mobile Device Protection from Loss and Capture
Z. Le, M. Bishop, and F. Makedon, “Strong Mobile Device Protection from Loss and Capture,” Proceedings of the 2nd ACM International Conference on Pervasive Technologies Related to Assistive Environments pp. 30:1–30:7 (June 2009).
- Published version web page, free at ACM Digital Library 
- Published version web page, paper paywalled at ACM Digital Library: [DOI] [URL]
- Authors’ final version:
Assistive environments employ multiple types of devices to monitor human actions and identify critical events for physical safety. Some of the devices must be wireless in order to be nonintrusive. This introduces the problem of authenticating these devices and building secure communication channels among them. The traditional way is to assign a private key to a device for digital identification. In this paper, we present an approach to protect the private key by introducing a third party and bilaterally and proactively generating a random number to refresh key shares based on Bellare and Miner’s forward secure signature scheme. This improves the resilient mediated RSA solution because the entire private key is also updated periodically. In this way, if an attacker steals one key share, he only can use it for a limited period of time because it will be obsolete immediately after the next refresh operation. Even if he compromises both key shares simultaneously, the digital signatures generated by previous private keys are still secure. Our scheme is proven to be intrusion resilient based on the CDH assumption in the random oracle model. The construction is also quite efficient.